On Tuesday, 1 October, 2019 22:15, David Conrad <drc@virtualized.org> wrote:
> DoH (and DoT) encrypt (and authenticate) the application <-> recursive resolver channel (NOT the DNS data) which I gather some view as an attack vector.
Actually no. DoH and DoT encrypt the application <-> recursive resolver application channel. Some people may wish to believe that the current CA system provides some sort of meaningful "authentication" of the endpoint, but unless you have specifically acquired the remote endpoint's certificate through secure means and added it specifically to your verification store (and disabled the CA root), the endpoint is *not* authenticated. (Though it is possible that you have very lax authentication requirements and treat "authentication" based on the hearsay of a third party that yet another third party is trustworthy as being valid "authentication".)

IF AND ONLY IF the party to whom you have connected has kept their private key private THEN AND ONLY THEN is the conversation between the two applications protected from being decrypted by eavesdroppers between, but not at or beyond, each of those communicating applications.

It is a common fallacy that TLS connections are authenticated. The vast majority of them are not authenticated in any meaningful fashion, and all that can be said about TLS is that it provides an encrypted connection between the two communicating applications. This is perhaps why it is called *transport* layer security ...

-- 
The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.
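As an added example, not part of the thread above: a DNS-over-TLS client that does what the reply describes, authenticating the resolver by a key it obtained out of band (an SPKI pin, the mechanism RFC 7858 section 4.2 allows for DoT) instead of by whatever chain the local CA store will accept. The resolver name and the pin value in the `__main__` block are placeholders, and the certificate used to exercise the parser is constructed for the example, not a real one.

```python
# Added example (not from the thread): DNS-over-TLS (RFC 7858) with an SPKI pin.
# The client trusts exactly one key, obtained out of band, and refuses to query a
# resolver whose leaf certificate carries any other SubjectPublicKeyInfo.
import base64
import hashlib
import socket
import ssl
import struct


def der(tag, payload):
    """Minimal DER TLV encoder (used here to build a constructed test certificate)."""
    n = len(payload)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + payload


def der_tlv(buf, pos):
    """Decode one DER TLV at pos. Returns (tag, value_start, value_end)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                          # long-form length
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, pos, pos + length


def spki_der(cert_der):
    """Return the DER-encoded SubjectPublicKeyInfo of an X.509 certificate.

    Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signature }
    TBSCertificate ::= SEQUENCE { [0] version OPTIONAL, serialNumber, signature,
                                  issuer, validity, subject, subjectPublicKeyInfo, ... }
    """
    _, pos, _ = der_tlv(cert_der, 0)           # enter Certificate
    _, pos, _ = der_tlv(cert_der, pos)         # enter tbsCertificate
    tag, _, end = der_tlv(cert_der, pos)
    if tag == 0xA0:                            # explicit [0] version; absent in v1 certs
        pos = end
    for _ in range(5):                         # serialNumber, signature, issuer, validity, subject
        _, _, pos = der_tlv(cert_der, pos)
    _, _, end = der_tlv(cert_der, pos)         # subjectPublicKeyInfo
    return cert_der[pos:end]


def spki_pin(cert_der):
    """RFC 7469-style pin value: base64(SHA-256(SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der(cert_der)).digest()).decode()


def pin_matches(cert_der, pins):
    return spki_pin(cert_der) in set(pins)


def build_query(qname, qtype=1, qid=0x1234):
    """Wire-format DNS query (one question, RD set), without the TCP length prefix."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(lab)]) + lab.encode("ascii")
                      for lab in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)


def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("connection closed mid-message")
        buf += chunk
    return buf


def dot_query(resolver, pins, qname, port=853, timeout=5.0):
    """Send one query over TLS; abort unless the leaf cert's SPKI matches a pin.

    The CA store is deliberately not consulted (CERT_NONE): the pin, obtained out
    of band, is the only thing that authenticates the resolver. Without such a
    check the handshake only proves you reached *some* holder of *some* key.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                 # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((resolver, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=resolver) as tls:
            leaf = tls.getpeercert(binary_form=True)
            if not pin_matches(leaf, pins):
                raise ssl.SSLError(f"resolver SPKI pin mismatch: got {spki_pin(leaf)}")
            q = build_query(qname)
            tls.sendall(struct.pack("!H", len(q)) + q)
            (n,) = struct.unpack("!H", _recv_exact(tls, 2))
            return _recv_exact(tls, n)


if __name__ == "__main__":
    # Placeholder resolver and pin; replace with values you obtained out of band.
    PINS = {"REPLACE_WITH_BASE64_SHA256_OF_RESOLVER_SPKI="}
    print(dot_query("dot.resolver.example", PINS, "example.com").hex())
```

The pin is computed over the SubjectPublicKeyInfo rather than the whole certificate so that the resolver can renew the certificate (new validity period, new issuer) without changing the key you pinned; pin a backup key as well before deploying this, since a lost key with no second pin locks the client out of the resolver entirely.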